The GDPR (or General Data Protection Regulation) is an effort from the European Commission and the EU to ensure that EU citizens' personal data is handled in the appropriate manner by organizations who hold their data.
Some are calling it an effort to give citizens' back their right to manage their own data. The GDPR adoption should therefore result in protections for European citizens personal data and the means for citizens' to have portability of their data.
The important takeaway here is the the General Data Protection Regulation is designed to ensure that consumers as well as companies know that their personally identifiable data is secure.
The GDPR document has 173 recitals and 99 articles. The recitals give explanations of the law in more of a vernacular, so that (and this is the goal here) almost anyone can understand them.